Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Agentic AI Security: The Emerging Fourth Pillar of Cybersecurity

For decades, cybersecurity has been organized around three dominant pillars: endpoint security, network security, and cloud security. These domains have shaped technology categories, vendor ecosystems, and enterprise budgets. They have matured into multi-billion-dollar markets, each responding to successive waves of digital transformation. However, a tectonic shift is underway.

New AMOS Infection Vector Highlights Risks around AI Adoption

During a recent investigation into AMOS InfoStealer, Kroll Threat Intelligence Team has discovered a troubling new delivery vector that leverages the growing trust users place in AI tools. In this case, attackers leveraged ChatGPT as the source of guidance, tricking victims into initiating the infection, presenting it as a legitimate solution to a common technical problem. Victims were tricked into believing they were running a harmless command to fix a sound issue on their Mac device.

Google Gemini 3 Pro Builds an App with ONE PROMPT...

Google announced Gemini 3 Pro, which they tout as their most intelligent model yet that's best for complex tasks and bringing creative concepts to life. We're going to put this model to the test and see how good it is at fulfilling our prompt with a production ready app and the security of the code it produces.

How strategic CISOs turn AI risks into competitive advantages

As the flurry of excitement over fresh AI innovation begins to fade, risk leaders, heads of GRC and CISOs have a new challenge to tackle. Regulators, customers, and boards are all asking harder questions about how AI is used, secured, and audited. For CISOs, AI governance is now a board-level expectation. Some organizations will be able to confidently show their measured and documented approach to AI governance.

The Future of AI in the Crane Industry: Safety, Intelligence, and Industrial Upgrading

As artificial intelligence (AI) technologies continue to advance, their influence is rapidly expanding across a wide range of industries. The crane and lifting-equipment sector is no exception. AI is reshaping how cranes operate, how they are maintained, and how future industrial environments ensure safety and efficiency. This article explores the key development prospects of AI in crane machinery-focusing on intelligence, safety, efficiency, and industrial transformation-through a security-centric lens suitable for modern industrial operations.

Secure-by-Design: Best Practices for Integrating AI Features into Modern Apps

AI-driven features have rapidly shifted from experimental add-ons to core expectations inside modern applications. Whether the goal is automation, personalization, or advanced data visualization, users now assume that intelligent components will be woven into their daily tools. Even something as simple as an online AI chart maker can become a standard part of how teams interpret information inside secure platforms, pushing developers to think more critically about how these capabilities are planned and protected.
Featured Post

Cyber Resilience and AI Risk: Safeguarding Critical Infrastructure in a New Threat Landscape

In October, the UK put a spotlight on cyber resilience with the release of the NCSC's 2025 Annual Review. CEO Richard Horne warned that failing to prepare for cyberattacks risks a company's future. The urgency behind this statement is backed by data: the NCSC handled 204 major cyber incidents between September 2024 and 2025, and 43% of UK businesses reported a breach in the past year.

Beyond security theater: How automated trust closes the AI readiness gap

‍ AI is transforming businesses at breakneck speed—but security isn’t keeping up. ‍ According to Vanta’s State of Trust Report 2025, which surveyed over 2,500 business and IT leaders around the world, 3 in 5 say AI-related security threats are outpacing their expertise. With a majority of organizations experiencing threats weekly, AI is not just driving the volume, but the precision of these attacks.

Critical vLLM Flaw Exposes the Soft Underbelly of AI Infrastructure

While the world worries about "jailbreaking" LLMs or preventing them from hallucinating, a critical new vulnerability has just reminded us of a fundamental truth: AI is just software, and software has bugs. A newly discovered critical flaw (CVE-2025-62164) in vLLM, one of the most popular libraries for serving large language models, allows attackers to achieve Remote Code Execution (RCE) or crash servers simply by sending a malicious API request. This isn't a failure of the AI model.